Mass Data: Transfers from Germany Aid US Surveillance
German intelligence sends massive amounts of intercepted data to the NSA, according to documents from whistleblower Edward Snowden, which SPIEGEL has seen. The trans-Atlantic cooperation on technical matters is also much closer than first thought.
Agents with the United States National Security Agency (NSA) sometimes wax lyrical when they look back on their time in Germany -- to the idyllic Chiemsee lake and the picturesque Bavarian town of Bad Aibling. Anyone who has received "a free beer at the club email" and knows "that leberkäse is made of neither liver, nor cheese" can claim to be a real Bavaria veteran, former NSA employees write in a document called the "A Little Bad Aibling Nostalgia."
The Americans, though, were quietly replaced by telecommunications experts from the German military, part of the Fernmeldeweitverkehrsstelle der Bundeswehr. They moved into the Mangfall barracks, only a few hundred meters from the abandoned NSA structures, laid cables to the radomes and secretly took over the NSA's large-scale surveillance of radio and satellite communications.
The supposed military site is in fact a secret facility operated by the Bundesnachrichtendienst (BND), Germany's foreign intelligence agency. NSA surveillance specialists also moved onto the grounds of the barracks, into a windowless building that had been erected within just a few months. Because of its metal shell, German BND agents refer to the building, with a mixture of affection and derision, as the "Tin Can."
Day After Day
And the site in Bad Aibling could very well provide the answer to a question that has been on the minds of German politicians and the public in recent weeks.
The Snowden documents mention two data collection sites known as signals intelligence activity designators (SIGADs), through which the controversial US intelligence agency gathered about 500 million pieces of metadata in December 2012 alone. The code names cited in the documents are "US-987LA" and "US-987LB." The BND now believes that the first code name stands for Bad Aibling.
Day after day and month after month, the BND passes on to the NSA massive amounts of connection data relating to the communications it had placed under surveillance. The so-called metadata -- telephone numbers, email addresses, IP connections -- then flow into the Americans' giant databases.
When contacted, the BND stated that it believed "that the SIGADs US-987LA and US-987LB are associated with Bad Aibling and telecommunications surveillance in Afghanistan."
Officially, the German government is still waiting for an answer from Washington as to where in Germany the metadata documented in the NSA files was obtained. For the BND and the Chancellery, which supervises the foreign intelligence agency, the clarification of what and who are behind the two SIGADs, and exactly what sort of information was passed on, is an extremely delicate matter.
The heads of both the BND and the Chancellery have stated their positions publicly with surprising clarity. BND President Gerhard Schindler said that data relating to German citizens was only passed on to the Americans in two instances, both in 2012. Chanceller Angela Merkel's chief of staff, Ronald Pofalla -- who is nominally in charge of coordinating Germany's intelligence agencies -- even stated that the German agencies had acted in full compliance with the country's data privacy laws.
Closer Cooperation than Thought
The opposition is now waiting for an opportunity to disprove these statements. The center-left Social Democrats have made the Snowden revelations an issue in Germany's upcoming parliamentary election. An SPD campaign poster depicts Chancellor Angela Merkel and the words: "Privacy. Virgin Territory for Merkel?"
The fact that massive amounts of metadata reached NSA databases from German soil is likely to ratchet the discussion over the role of the BND and its cooperation with the NSA even further. New documents from the Snowden archive also show that there is much closer cooperation than previously thought in relation to the controversial XKeyscore surveillance program. SPIEGEL reported on the delivery and use of the program two weeks ago.
According to the documents, there was a meeting not long ago between agents from the NSA, the BND and the Federal Office for the Protection of the Constitution (BfV), Germany's domestic intelligence agency, in which the latest potential applications of XKeyscore were discussed. In addition, it wasn't just Germans using American surveillance programs. According to the documents, US agents also showed an interest in two BND programs, which, according to American experts, were to some extent even more effective than their own solutions.
Should the BND information be correct, it could provide Berlin a convenient way to save face. The data gathered in Bad Aibling apparently would seem to relate to the BND's legal foreign surveillance targets, which consists primarily of data transmitted in Afghanistan and the Middle East.
In response to inquiries, the BND confirmed that it does transmit connection data to the NSA. But it notes: "Before metadata relating to other countries is passed on, it is purged, in a multistep process, of any personal data about German citizens it may contain." According to the BND, its surveillance does not apply to German telecommunications and German citizens. In addition, say BND officials, there is currently no reason to believe that the "NSA gathers personal data on German citizens in Germany."
This would mean that although the data diverted in Bad Aibling and passed on to the NSA is technically acquired in Germany, it generally does not relate to German citizens. The BND is forbidden from monitoring the communications of German citizens by the G-10 law, a regulation anchored in the constitution which limits the powers of the intelligence agencies.
But the massive transfer of data abroad raises new, fundamental questions about the legality of cooperation on matters of intelligence. On what legal grounds does the BND cooperate to such a vast extent with the NSA? How should the transfer of this metadata be classified, especially now that documents from the Snowden archive have revealed the far-reaching possibilities for analysis provided by the data? And given the sheer volume of data involved, how does the BND intend to rule out the possibility that the metadata does in fact contain data relating to Germans?
As a rule, the NSA is also not permitted to spy on US citizens, although its records indicate that the agency cannot guarantee that there haven't been exceptions to the rule. For this reason, there are special procedures to avoid such intelligence glitches.
Does the BND also have such procedures? And in light of the massive transfer of data, how credible is the statement from Chief of Staff Pofalla that German intelligence agencies meticulously observed data privacy laws?
In response, the BND states: "All activities in the context of cooperation with other intelligence services are undertaken in compliance with the law, especially the BND law and the G-10 law."
Questions relating to the exchange of data become all the more pressing when one considers that Bad Aibling, according to the documents from the Snowden archive, was, at least for a time, not the only BND listening post on German soil from which large amounts of data were sent to the NSA -- a "daily" occurrence, according to the NSA documents.
In a 2006 travel report, members of an NSA delegation rave about their first visit to the BND surveillance facility in Schöningen, near Braunschweig in north-central Germany. According to the visitors' notes, about 100 BND employees there, with the help of 19 antennas, intercepted the signals of satellite and mobile communications providers in Afghanistan and Africa.
A 'New Level'
The document mentions 400,000 recordings of data from satellite telephone provider Thuraya, 14,000 recordings of data from commercial satellite operator Inmarsat and 6,000 recordings a day of mobile communications, as well as daily eavesdropping on 62,000 emails. "The NSA benefits from this collection, especially the intercepts from Afghanistan, which the BND shares on a daily basis."
When confronted with this information, the BND stated: "None of the data acquired there is currently being transmitted to the NSA."
The NSA delegation's trip report is also interesting for another reason. It has not yet been clearly determined exactly how much German intelligence services and the Chancellery knew about American surveillance activities and when they knew it. It has been conspicuous that many of the official denials issued in recent weeks have referred explicitly and exclusively to the PRISM surveillance program -- perhaps for good reason.
The NSA delegation's 2006 report suggests that there was close cooperation, especially on technical surveillance issues. A "new level" had been reached in this regard, the report reads. The BND officials had apparently managed to impress their visitors. BND specialists presented various analysis tools to their US counterparts, including two systems called Mira4 and VERAS. "In some ways, these tools have features that surpass US SIGINT capabilities," the report reads.
If the US delegation's trip report is to be believed, the two agencies arranged a deal of sorts at the time. "The BND responded positively to NSA's request for a copy of Mira4 and VERAS software," the report reads. In return, the Germans apparently asked the NSA for support.
The cooperation apparently continued to develop in this spirit, becoming particularly close at the Mangfall barracks, headquarters of the Special United States Liaison Activity Germany, or SUSLAG, which represented the NSA locally, since 2004.
To mark the first anniversary of working in the Tin Can, the NSA representative and her German counterparts symbolically celebrated the strong spirit of cooperation in Bavaria by planting a tree in front of the NSA building.
But their cooperation would extend well beyond symbolism and spatial proximity. The NSA office apparently embarked on a program of "strategic cooperation," which was reflected in two specific intelligence joint ventures on German soil. According to one NSA document, two joint NSA and BND operations were already underway at the time of the tree-planting ceremony: the Joint Analysis Center and the Joint SIGINT (Signals Intelligence) Activity program.
The document indicates that there were five civilian NSA analysis specialists working with BND experts who had specialized in data from Russia. The joint telecommunications surveillance program began in 2004 and was directed against "terrorism, proliferation and other foreign targets."
The NSA specialists developed their own communications center in the Tin Can and, according to the documents, established the first direct electronic connection to the NSA network. This opened the door to the large-scale transfer of data.
The existence of joint German-American surveillance task forces suggests that the agencies must have been very well informed about their respective counterparts' surveillance options. This seems all the more likely given that the technical exchange only intensified in the ensuing years. US agents trained their German counterparts to use the especially productive XKeyscore surveillance program, which the NSA provided to both the BND and the BfV.
According to a document from the Snowden archive, the German NSA office and the BND jointly presented XKeyscore to the BfV in October 2011.
"The BND XKEYSCORE system successfully processed DSL wiretap collection belonging to a German CT (counter-terrorism) target," reads the document, which SPIEGEL has seen. As a result of the successful demonstration, the vice president of the BfV "formally requested" the software.
According to the documents, this cooperation also involved discussions of previously unknown analysis tools within the program, such as "behavior detection," or the ability to detect certain situations, groups or even individuals on the basis of behavioral patterns. The goal of training sessions provided by the Americans was apparently to familiarize the Germans with the capabilities of XKeyscore, especially its "discovery capabilities."
According to the documents, one of these training sessions, in which representatives of the BND and the BfV were to be told about new details in XKeyscore and, in particular, about "behavior detection," was scheduled to be held in Bad Aibling in April -- only a few weeks before Edward Snowden's revelations about XKeyscore and other surveillance programs began.
Translated from the German by Christopher Sultan
© SPIEGEL ONLINE 2013
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH
Click on the links below for more information about DER SPIEGEL's history, how to subscribe or purchase the latest issue of the German-language edition in print or digital form or how to obtain rights to reprint SPIEGEL articles.
- Frequently Asked Questions: Everything You Need to Know about DER SPIEGEL
- Six Decades of Quality Journalism: The History of DER SPIEGEL
- A New Home in HafenCity: SPIEGEL's New Hamburg HQ
- Reprints: How To License SPIEGEL Articles